Network Time Machine Fastest all-in-one appliance for back in time network and application analysis

Similar documents
Network Time Machine Fastest all-in-one appliance for back in time network and application analysis

Selecting a Network Recorder for back-in-time analysis to solve intermittent problems and unexpected events

Test Equipment Depot Washington Street Melrose, MA TestEquipmentDepot.com. Application Advisor

Application-Centric Analysis Helps Maximize the Value of Wireshark

Observer Analysis Advantages

Observer Probe Family

CT LANforge-FIRE VoIP Call Generator

Observer Probe Family

QuickSpecs. HP PCM Plus v4 Network Management Software Series (Retired) Key features

HP PCM Plus v4 Network Management Software Series

HP E-PCM Plus Network Management Software Series

HP PCM Plus v3 Network Management Software Series Overview

Diagnosing the cause of poor application performance

Observer Reporting Server Sample Executive Reports

JDSU Network Analyzer 10 Gigabit Ethernet Analysis Solution Wireline Protocol Test

Network Security Platform 7.5

Diagnosing the cause of poor application performance

CT LANforge-FIRE VoIP Call Generator

Centralized Orchestration and Performance Monitoring

Datasheet. Cover. Datasheet. (Enterprise Edition) Copyright 2015 Colasoft LLC. All rights reserved. 0

OptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an

Datasheet. Advanced Network Routers. Models: ERPro-8, ER-8, ERPoe-5, ERLite-3. Sophisticated Routing Features

Oracle Enterprise Operations Monitor

Datasheet. Enterprise Gateway Router with Gigabit Ethernet. Models: USG, USG-PRO-4. Advanced Security, Monitoring, and Management

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

OptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an

Troubleshooting LANs with Wirespeed Packet Capture and Expert Analysis

Next Generation Network Troubleshooting Tool. Enhanced VoIP and Streaming Support New ClearSight Reporter Enhanced IPv6 Support

UNIFIED PERFORMANCE MANAGEMENT

Network Simulation Traffic, Paths and Impairment

Cover. White Paper. (nchronos 4.1)

AXIS 262+ Network Video Recorder

VoIP Monitor Professional

Customized Cloud Solution

Troubleshooting VoIP and Streaming Video Problems

CT LANforge WiFIRE Chromebook a/b/g/n WiFi Traffic Generator with 128 Virtual STA Interfaces

High-Performance Network Data Capture: Easier Said than Done

10 Port L2 Managed Gigabit Ethernet Switch with 2 Open SFP Slots - Rack Mountable

Cisco Bandwidth Quality Manager 3.1

WhatsUpGold. v3.0. WhatsConnected User Guide

Deliver More Applications for More Users

Cisco Network Analysis Module Software 4.0

Xirrus Management System

WanVelocity. WAN Optimization & Acceleration

Cisco IPS Manager Express

NetAlly VoIP Readiness Tutorial

Testing VoIP on MPLS Networks

Analyze hop-by-hop path, devices, interfaces, and queues Locate and troubleshoot problems

OAISYS and ShoreTel: Call Recording Solution Configuration. An OAISYS White Paper

T1/E1 WAN Analyzer. OptiView. Fast vision into WAN Links. Technical Data. Total integration. Total control. Total Network SuperVision.

StruxureWare TM Center Expert. Data

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Intelligent Network Management System. Comprehensive Network Visibility and Management for Wireless and Fixed Networks

Quad Core Intel Xeon Processor E3. 12 x 3.5-inch SATA 6Gb/s, SATA 3Gb/s hard drive. 1. The system is shipped without HDD.

AT&T Connect Video Conferencing Functional and Architectural Overview. v9.5 October 2012

NetVue Integrated Management System

Network Camera SNC-P1

Application Notes. Introduction. Contents. Managing IP Centrex & Hosted PBX Services. Series. VoIP Performance Management. Overview.

ETM System SIP Trunk Support Technical Discussion

Mike Canney Principal Network Analyst getpackets.com

Total Recall Max SIP VoIP Call Recording Server

Network Performance Management Solutions Architecture

EdgeRouter Lite 3-Port Router. Datasheet. Model: ERLite-3. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

The next IP SLA generation Solution. Advisor SLA. Network Performance Monitoring Solution.

Elevating Data Center Performance Management

White Paper. Recording Server Virtualization

The Video Server. IP Video Server (Codec) with H264 compression, Power over Ethernet & SD card recording. Data Sheet.

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

Ports utilisés. Ports utilisés par le XT1000/5000 :

Meraki MX Family Cloud Managed Security Appliances

Network Management and Monitoring Software

DA-3600A Data Network Analyzer Advanced Network analysis and troubleshooting

Lab Testing Summary Report

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Universal Form-factor. Wi Fi Troubleshooting Made Easy

Cisco Prime Virtual Network Analysis Module

ANNEX III BUDGET PROPOSAL AS PER LOTS LOT 1

System Requirements Table of contents

Network Forensics Buyer s Guide

Cisco Prime Network Analysis Module Software 5.1 for WAAS VB

OBSERVEIT DEPLOYMENT SIZING GUIDE

CONSTRUCTION / SERVICE BILLING SYSTEM SPECIFICATIONS

Adapt Support Managed Service Programs

Avaya Call Recording Solution Configuration

DNA. White Paper. DNA White paper Version: 1.08 Release Date: 1 st July, 2015 Expiry Date: 31 st December, Ian Silvester DNA Manager.

Delivers fast, accurate data about security threats:

Datasheet. Cover. Datasheet. (Enterprise Edition) Copyright 2013 Colasoft LLC. All rights reserved. 0

Features Overview Guide About new features in WhatsUp Gold v12

Security Information & Event Manager (SIEM)

Analyzing Full-Duplex Networks

Web Analytics Understand your web visitors without web logs or page tags and keep all your data inside your firewall.

An Oracle White Paper July Oracle Enterprise Operations Monitor: Real-Time Voice over Internet Protocol Monitoring and Troubleshooting

NetCrunch 6. AdRem. Network Monitoring Server. Document. Monitor. Manage

WAN Optimization. Riverbed Steelhead Appliances

Gigabit Ethernet Packet Capture. User s Guide

How To Set Up Foglight Nms For A Proof Of Concept

Hardware/Software Requirements For Self-Hosting Multi Server

Alcatel-Lucent OmniVista TM 4760 Network Management System

Transcription:

Network Time Machine Fastest all-in-one appliance for back in time network and application analysis Network Time Machine is a high-performance stream-to-disk appliance designed to continuously monitor and capture traffic on critical network links to facilitate back-in-time, deep packet analysis of traffic. Applications include: Traffic monitoring and troubleshooting at private or public cloud edges Analyze traffic across multiple network segments Forensic troubleshooting of poor application performance Setup or QoS analysis of Voice/Video over IP Troubleshooting of tunneled traffic in Service Provider s core Unique Features: Capture traffic on multiple 10/100 Mbps, 1 Gbps and 10 Gbps Ethernet interfaces at rates in excess of 10 Gbps Plug-and-play operation automatically identifies applications, collects, and displays relevant statistics in userconfigurable dashboards Innovative Performance Bottleneck Analysis (PBA) visually identifies whether problems are in the server or the network Provides QoS metrics, statistics and trending charts of application and flow levels for buffered and historical data. Best-in-class, real-time Video/Voice over IP metrics and troubleshooting Portable and rack mount versions with RAID options and multiple terabytes of storage. Application-centric analysis automatically shows application flows with intuitive drill down to identify root cause Multi-segment analysis function built-in for quick network latency analysis Application infrastructure, like the network, has become distributed and diverse. Traditional network monitoring solutions that provide connectivity and resource availability metrics are no longer sufficient to fully understand the factors that affect consistent application performance to users. When application performance degrades, network engineers need tools that can be quickly and economically deployed to provide full visibility to all events on key aggregation point(s) so that an assessment can be made to where the impact was felt, and isolate to the fault domain quickly: server, network or client. Furthermore, network engineers need to support application developers and system administrators by providing the evidence to resolve the problem. The Network Time Machine answers these needs by providing instant high-level visibility of which applications and users are affected, plus detailed flow and packet level analysis. The Network Time Machine is available as either a portable or a rackmount unit. Portable NTMs are ideal for filling gaps in forensic visibility when troubleshooting or assessing network problems. The rackmount NTM, with its higher performance and larger storage capacity, is designed to monitor critical links for long-term forensic needs. Both the portable and rackmount platforms support 1/10G interfaces. Technical Data High-performance network traffic recorders for critical link analysis, network forensics and back-in-time troubleshooting

Network Time Machine is an all-in-one appliance that supports real-time monitoring and back-in-time analysis Application performance analysis Capture cards with high-performance multiport interfaces for 1G and 10G line rate allow traffic recording, including physical errors and jumbo frames. Real-time application monitoring alerts you to performance problems in network and application health. Performance Bottleneck Analysis with back-in-time metrics graphically guides the user to the problem domain across applications, sites and servers On board application centric analysis engine provides in-depth analysis of SQL, Oracle, MS Networking (SMB), VoIP, DNS, FTP, HTTP, POP3, Telnet, SMTP, SNMP, MS Exchange and Citrix from recorded packets. Built-in Wireshark decodes provide support of dozens of additional protocols used in telecom and enterprise environments. Network Time Machine s stream-to-disk technology efficiently records and indexes network traffic for quick identification and analysis on the built-in ClearSight Analyzer 1. Ethernet traffic is captured from multiple ports at full line rates by FPGA-based capture card (hardware filters supported) 2. Entire frames are sent to the PacketStore (disk array) for storage and post analysis 3. Entire frames are also sent to the various analytical and real-time monitoring engines that process, classify and index data this information is stored in the metadata database 4. The Atlas software interface provides access to the network metadata information to quickly identify the application flow in question 5. For troubleshooting and in-depth network analysis, the ClearSight Analyzer provides packet view, which facilitates fundamental protocol, multi-segment flow analysis and content playback Multi-segment network analysis Merges and analyzes flows captured from different locations and generates a multi-segment bounce chart. Quickly visualize and isolate the root cause of network problems, such as packet drop or abnormal network latency. Auto-sync function compensates for the variation between system clocks of capturing devices in network segments facilitating analysis even if the capturing device is out-of-sync Supports clock synchronization from external sources: GPS or NTP VoIP performance analysis Realtime QoS, call type and codec analysis classification See call setup problems (e.g. can t connect, busy) without needing to see packet decodes. Drill-down to see which users (by phone number) are affected by poor quality or call setup issues Seamless extraction of packets from call setup to RTP and RTCP steam. Playback voice and video simultaneously for problem verification including out-of-sync video and audio tracks Compliance/security forensics See when a suspect host exhibits activities and who it talked with. Pattern matching with free offset, and application/flow based filtering to quickly extract relevant flow in the captured traffic. Bounce charts to show detailed transactions between suspect and target. FTP, messaging, email, voice or video can be played back to quickly gather the evidence required for action. 2

Key Features: Intuitive Application Performance Bottleneck Analysis reduces time to setup and fault domain isolation The Network Time Machine (NTM) automatically discovers applications and reports performance trending metrics by server, network and client site. The unique Performance Bottleneck Analysis (PBA) displays server, network and client site time for each TCP flow. PBA metrics show where application time is spent; immediately identifying the root cause of application performance complaints. In addition, the NTM also shows how related performance metrics change over time, allowing identification of the fault domain to a specific server, or network. The packet extraction process is integrated with the UI so that the set of flows exhibiting the problem can be quickly analyzed. Once the relevant packets are extracted, the NTM guides users from application to flow to transaction views using an intuitive drill down process. Bounce charts give a clear indication of how transactions transverse over time and indicate problem packets without going into decode view. The result is increased operational efficiencies through a reduced learning curve, shorter time to domain isolation and quicker root cause resolution. Fluke Networks Performance Bottleneck Analysis (PBA) is based on a patent-pending algorithm in which the analyzer isolates the time that a flow spends with the server, network and client. The algorithm requires one measurement point in the network near the end-point, such as the server or client. This speeds troubleshooting time as it does not require measurements at two locations to determine change in network latency. Server Time Data Center TCP Flow Client Time Site A Site B Site C Flow Time 30 Sites (5 subnet ranges each) Enhanced reporting and analysis of key performance indicators (KPIs) With minimal configuration, the Network Time Machine trends KPIs over time for servers, applications and sites. These indicators include: Data volume Retransmissions Connections Throughput TCP resets Excessive retransmissions by site or server Zero window events Users can go back in time to review performance metrics even when the underlying packet has been aged and replaced with more recent traffic. Many performance report templates are available, and can be further customized. Reports can be scheduled daily, or created on demand for a specified time range. Some report templates include: Figure 1; The Performance Bottleneck Analysis function of the NTM V8.0 shows the average time application flows (for example, SMTP and HTTP) spent on the server and network. The bottom graph area indicates a sudden increase and return to normal in server time during the analysis period. KPI status or trending report by application, server and site Problem status or trending reports by application, server and site H.323, RTP and SIP MOS distribution Network KPI trends overview Application/IP protocol distribution Figure 2: Drilling into the PBA results from figure 1 shows how quickly NTM can get to root cause. In the upper graph, we note that the server time has increased. The middle graphs shows that this happened when the server reduced the number of connections it managed and transmitted a large number of TCP resets to the client(bottom graph). 3

Realtime Voice and Video Analysis The Network Time Machine provides realtime metrics on voice and video performance - without additional agents or polling to the Call Manager. Even without visibility of the setup traffic, the NTM can reassemble the caller/callee information from the RTP stream in realtime to generate quality assessment for the video/voice stream. Its high performance capture and analysis architecture make it the ideal quickto-deploy analysis solution for VoIP in carrier grade operation. Extract packets for a call with just a click of a button. Call setup and RTP/RTCP streams are extracted together, correlated and shown on a bounce chart for easy visualization and playback. Automatic Tunneled Traffic Analysis in multi-tenant networks Tunneling protocols encapsulate traffic, much like VLANs in LANs, to segment and prioritize traffic. The Network Time Machine automatically analyzes and decodes tunneled traffic, allowing network engineers of Telecom Service Providers and Large Enterprises to conduct application performance analysis and troubleshoot applications in each tunnel quickly. A large variety of tunneling protocols are supported, including IpinIP, L2TP, PPPoE, GRE, MPLS, QinQ, PBB/PBT, and GTPU. Customized tunnel protocol support can be easily defined and added. In addition, filtering conditions can easily be configured based on tunneling protocol and bit-pattern for quick extraction of relevant packets. Figure 3. Display overall and individual call quality statistics. Figure 4. Support for a wide variety of tunneling protocols is provided, or define your own. Onboard Application and Packet Analysis The NTM integrates the powerful application-centric analysis engine based on the award-winning ClearSight Analyzer (CSA) which provides automatic application analysis. For each application flow, the CSA automatically constructs bounce charts and notes with highlighted text and color codes to indicate application impairments, such as slow TCP sever response and error status. The unique PBA metrics for each flow are displayed as a pie-chart, providing quick comparison of time spent with the server or the network. Multi-Segment Analysis The NTM supports multi-segment analysis so you can quickly analyze flows that are captured across multiple tiers of servers or network segments. Captures may be imported from other NTM s, the ClearSight Analyzer software or even Wireshark. This powerful capability visually identifies problems in timing, command/response and TCP level impairments such as lost packets or out-of-order sequence. It also supports WireShark decodes, providing visibility into a huge range of application issues. Figure 5. Performance Bottleneck Analysis of a connection between an individual server and client shows the time spent on the server, network, and client. This analysis can be done without the need of installing an NTM at both ends of the link. Figure 6. Multi-segment bounce chart shows timing of packets as they transverse two network segments 4

Secure Remote Control Each NTM unit can be accessed remotely using the NTM Remote Agent Manager (RAM) or Remote Agent Viewer. A Remote Agent Manager can configure and control the NTM. Up to 20 Remote Agent Viewers can monitor an NTM simultaneously but cannot configure the NTM. User accounts can be setup through the RAM to limit each user s right to extract packets captured in the NTM. Communication between NTM and Remote Agent Manager or Viewer is encrypted using SSL (RFC 1428). Up to 20 Remote agent viewers 1 Remote agent manager The Remote Agent Manager and viewer software comes with unlimited licenses and can be freely installed in any PC running Windows XP/ Vista /7 to access the any NTM on the network. Problems detected by NTM s real-time monitoring are consolidated to a central problem manager within the Remote Agent Manager software. Figure 7. Up to 20 Remote Viewers can remotely connect to an NTM Taps simplify access to a wide variety of network link types Flue Networks tap solutions support 10/100/1000Mbps and 10Gbps links and are available in many configurations: - Inline Taps - Inline aggregation Taps - SPAN aggregation Taps - Inline switch Taps - SPAN aggregation switch Taps - Any-to-any port switch Taps Network Time Machine Figure 8. Simultaneously monitor up to four 1 Gbps SPAN Port SPAN Port Network Time Machine Figure 9. Simultaneously monitor up to four network segments Inline TAP Network Time Machine Figure 10. Simultaneously monitor two 1 Gbps full duplex links via inline tap 5

Product selection guide: Model Number Express Standard Standard EA Premium Portable1A Portable2 Model Number CSN/NTM-EX3 CSN/NTM-ST3-4TB CSN/NTM-ST3-8TB CSN/NTM-ST3-EA CSN/NTM-ST3-EA3 CSN/NTM-PR3-S5 CSN/NTM-PO1A CSN/NTM-PO2-1G CSN/NTM-PO2-10G Interface rate (Gbps) 7 1 1 1 10 1 1 or 10 Number and type of interfaces Type of media supported 4 SFP 4 SFP 4 SFP 2 XFP 4 SFP 4 SFP or 2 XFP 10GBASE-SR 10GBASE-LR or 10GBASE-SR 10GBASE-LR Stream-to-disk 2 4 4 10 2 3 throughput (Gbps) 1 RAID configuration 0 5 5 5 0 5 Raw capacity (TB) 2 2 12 12+24/36 3.6+7.2 1.9 3.3 PacketStore capacity 1 4/8 20/30 6.1 1.4 1.7 (TB) 4 Max. capacity with external storage array N/A N/A Up to 216TB with 5 additional external storage arrays 18.3TB with 2 additional external storage arrays Note: 1. Stream-to-disk throughput is the maximum traffic rate at which NTM can store data to disk with no packet loss. The traffic was all 64 byte packets and the test was run no less than 3 hours 2. Raw capacity is total raw hard disk storage available. It will be consumed by OS, NTM system programs, PacketStore and other temporary program buffers 3. OS+Metadata capacity are disk space reserved for OS, NTM System Software and the Metadata database where packet indexing data is kept. 4. PacketStore is the database where packets captured are stored. Amount specified is disk space reserved for storage. 5. Premium3 can support both 1 and 10Gbps interfaces in the same appliance 6. No SFP transceivers are included with NTM. Please order separately CSN/ACC-90XX. 7. Field upgrade to add 10Gbps interface available for Standard, and field upgrade to add 1Gbps interface available for Premium N/A N/A Portable NTM NTM Express NTM Standard NTM Standard EA or Premium 6

Technical Specifications: Model Number Express Standard Standard EA Premium Portable1A Portable2 Model Number CPU OS CSN/NTM-EX3 Quad Core Intel Xeon X3430 Processor, 2.4GHz CSN/NTM-ST3-4TB CSN/NTM-ST3-8TB Two Quad Core Xeon E5620 CSN/NTM-ST3-EA CSN/NTM-ST3-EA3 Two Quad Core Xeon E5620 CSN/NTM-PR3-S5 Two Quad Core Xeon E5620 CSN/NTM-PO1A Intel Quad Core i7 Processor, 2.67GHz Windows 7 CSN/NTM-PO2-1G CSN/NTM-PO2-10G L5420 Quad Core, 2.5GHz Memory 4GB 4GB 4GB 4GB 4GB 4GB Power supply Dimensions One non-redundant 350W Height: 4.24cm (1.67 ) Width: 43.4cm (17.1 ) Depth: 61cm (24 ) High output, two hot-plug 870W Height: 8.64cm (3.40 ) Width: 44.31cm (17.44 ) Depth: 68.07cm (26.80 ) High output, two hot-plug 870W Mainframe Height: 8.64cm (3.40 ) Width: 44.31cm (17.44 ) Depth: 68.07cm (26.80 ) 1 external storage included* High output, two hot-plug 870W Mainframe Height: 8.64cm (3.40 ) Width: 44.31cm (17.44 ) Depth: 68.07cm (26.80 ) 1 external storage included* 460W auto switching Height: 29cm (11.44 ) Width: 42.7cm (16.8 ) Depth: 14.5cm (5.69 ) 460W auto switching Height: 29cm (11.44 ) Width: 42.7cm (16.8 ) Depth: 14.5cm (5.69 ) Weight 9.1kg (20lb) 26.1kg (57.54lb) 26.1kg (57.54lb) 26.1kg (57.54lb) 10.2kg (22.5lb) 10.2kg (22.5lb) * The external storage array unit included with NTM Standard EA and Premium has the same dimensions Height: 8.68 cm (3.4 ), Width: 22.6 cm (17.6 ), Depth: 56.1 cm (22.1 ), Weight: 28.39 kg (62.6 lb) (max config). The minimum system requirements for the NTM Distributed Agent Manager and Remote Viewer are shown below. Item Computer Processor RAM Hard disk space Operating systems Monitor Network adapter Minimum requirement Industry standard computer (laptop or desktop), with a CD/DVD-ROM drive for software installation Pentium 4 (or equivalent) running at 1 GHz minimum (2 GHz recommended) 512 MB minimum (1 GB recommended) 2 GB minimum if running Windows Vista or Windows 7 250 MB. In addition, you should have space to store saved trace files. Individual trace files can be as large as 1 GB, but it is not recommended to open a trace file larger than 256 MB. 2 GB minimum if running Windows Vista or Windows7 Microsoft Windows XP Home Edition with SP3 (disable the firewall) Microsoft Windows XP Professional with SP3 (disable the firewall) Microsoft Vista (32 bit) with SP1 or SP2 Microsoft Windows 7 (32 bit) VGA color monitor with 1024 x 768 resolution and 256 colors Standard Ethernet network interface card 7

Gold Support Services Gold Support allows you to make the most of your investment while ensuring a higher return on your investment. Minimize your downtime, receive faster troubleshooting resolution and have total access to all support resources. With Gold Support, you ll receive: Software and firmware upgrades free of charge. Members-only training and webcasts Immediate 24X7 live technical support and consulting Complete access to our valuable knowl edge base Members-only promotions All NTM appliances come with 1 year standard factory warranty. Gold Maintenance Support for NTM Portables is available in the form of 1 year extended factory repair warranty. Onsite hardware service is available for NTM Premium, Standard and Express appliances (sold after July 2010) under the Gold Support Service (Network Interface Card not included). For models, options and accessories, visit: www.flukenetworks.com/ntm Fluke Networks P.O. Box 777, Everett, WA USA 98206-0777 Fluke Networks operates in more than 50 countries worldwide. To find your local office contact details, go to www.flukenetworks.com/contact. 2011 Fluke Corporation. All rights reserved. Printed in U.S.A. 12/2011 3780540H 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information